Merge pull request #463 from m11o/feature/add-types-for-security-utils

Add Types for ActiveSupport::SecurityUtils

gems/activesupport/6.0/_test/test.rb

@@ -31,6 +31,8 @@
 hash.deep_symbolize_keys
 hash.deep_symbolize_keys!
 
+ActiveSupport::SecurityUtils.secure_compare('tokenA', 'tokenB') === false
+
 class TestAttrInternal
   attr_internal_reader :internal_variable_reader_1
   attr_internal_reader 'internal_variable_reader_2', :internal_variable_reader_3

gems/activesupport/6.0/activesupport-generated.rbs

@@ -10662,22 +10662,6 @@ module ActiveSupport
   end
 end
 
-module ActiveSupport
-  module SecurityUtils
-    # Constant time string comparison, for fixed length strings.
-    #
-    # The values compared should be of fixed length, such as strings
-    # that have already been processed by HMAC. Raises in case of length mismatch.
-    def self?.fixed_length_secure_compare: (untyped a, untyped b) -> untyped
-
-    # Constant time string comparison, for variable length strings.
-    #
-    # The values are first processed by SHA256, so that we don't leak length info
-    # via timing attacks.
-    def self?.secure_compare: (untyped a, untyped b) -> untyped
-  end
-end
-
 module ActiveSupport
   # Wrapping a string in this class gives you a prettier way to test
   # for equality. The value returned by <tt>Rails.env</tt> is wrapped

gems/activesupport/6.0/activesupport.rbs

@@ -256,6 +256,12 @@ module ActiveSupport
     def wednesday?: () -> bool
   end
 
+  module SecurityUtils
+    def self?.fixed_length_secure_compare: (String a, String b) -> bool
+
+    def self?.secure_compare: (String a, String b) -> bool
+  end
+
   class OrderedOptions < Hash[Symbol, untyped]
     alias _get []